Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
File:                     nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft (raw, json)
Hash identifier:          SI5NUCxospkX968KJ8gz3lezQ2bAq7AKsLy6vyrZOzk=
Subject key identifier:   6D:06:FB:B6:7A:C5:8C:13:11:27:96:F6:D7:A1:9D:9A:27:2B:67:A8
Authority key identifier: 9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF
Certificate issuer:       /CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
Certificate serial:       019A725C952A7F0538761D7AA5B873D19D0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
Manifest number:          16AD
Signing time:             Tue 11 Nov 2025 10:01:01 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:01 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:01 +0000
Files and hashes:         1: nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl (hash: mznNaCC8+S9kGjYvciX56NVoyw4/wIyomucCbc+XTpo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:95:2a:7f:05:38:76:1d:7a:a5:b8:73:d1:9d:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
        Validity
            Not Before: Nov 11 10:01:01 2025 GMT
            Not After : Nov 12 10:01:01 2025 GMT
        Subject: CN=6d06fbb67ac58c13112796f6d7a19d9a272b67a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:a0:16:b4:a2:2b:cc:ae:f5:3a:50:ad:82:a1:
                    47:f8:d4:d5:73:51:a3:79:83:02:71:ea:f6:cc:7c:
                    ce:11:94:78:0f:af:13:0b:d7:43:33:c4:c9:ef:c3:
                    fe:2a:26:d9:7d:43:67:56:c3:1c:9d:8c:cd:36:c2:
                    e1:f8:b4:7e:cb:b2:96:a0:1e:7d:28:ca:04:b5:fd:
                    d7:86:0f:4e:ab:ca:7b:56:15:91:1f:ef:da:fd:ba:
                    00:c6:6a:d1:e6:f5:dc:5b:e3:94:27:17:99:1d:5b:
                    49:70:af:42:75:25:d6:36:26:ee:f5:96:b7:96:cb:
                    17:aa:37:87:9d:c9:60:38:2a:9e:60:65:eb:4f:30:
                    da:d9:7d:48:e1:c8:81:b6:15:40:c8:a7:54:f3:c3:
                    aa:29:8a:c5:58:3f:c8:c4:87:83:a5:02:98:3f:24:
                    ad:84:b0:e7:70:9b:78:54:9b:4d:05:7c:6a:7e:7d:
                    4b:c0:26:11:d8:56:2c:e2:f6:ce:2f:52:b7:d4:93:
                    86:ee:27:01:55:d9:bb:31:a8:a7:10:d2:18:5d:d2:
                    8f:c7:2c:f0:23:5a:3b:9d:eb:0a:32:52:7f:04:4a:
                    79:c0:8f:0a:41:17:2c:4c:f6:22:09:76:a6:ec:d7:
                    70:72:76:64:be:7c:1d:7b:39:3e:c1:09:6c:8f:29:
                    2a:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:06:FB:B6:7A:C5:8C:13:11:27:96:F6:D7:A1:9D:9A:27:2B:67:A8
            X509v3 Authority Key Identifier:
                keyid:9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:46:9c:5c:1a:73:9b:0b:05:9a:19:31:fd:08:6e:40:7b:3e:
         a1:39:4e:aa:53:c6:0a:92:8c:fb:5f:90:6d:59:75:75:a6:08:
         be:63:c2:9e:75:70:74:7a:f8:51:18:e6:7d:ab:36:01:0c:5b:
         e0:1a:1e:60:ec:9a:50:7c:c7:9d:e9:36:ef:eb:cb:2d:71:1d:
         ef:fe:f2:83:53:6d:a0:09:07:6a:b8:69:ca:12:9b:03:14:f1:
         19:df:77:04:05:6b:43:08:6e:54:63:e2:6a:01:e5:55:83:22:
         e1:c3:82:d7:6a:b2:7b:b7:ea:8e:be:d9:24:ba:bc:89:62:df:
         ab:df:bf:5f:78:08:65:31:10:95:eb:2e:24:4e:4f:c7:17:70:
         87:ef:25:86:b5:2f:4b:4f:64:80:5d:57:3a:25:20:90:ef:e9:
         16:45:a1:22:ed:6d:90:02:90:d5:ae:9e:8b:99:7d:da:87:6a:
         15:58:ed:66:41:7b:ab:ee:42:3f:9a:1d:d9:18:ab:61:14:91:
         8e:27:84:3d:ea:a3:0c:9b:a3:6b:4d:32:55:a7:b2:1d:f1:e2:
         99:be:91:13:c5:a9:2c:b8:44:ea:16:d4:9a:78:bf:fd:df:4e:
         3f:eb:42:81:6e:4b:bd:2b:55:27:5d:42:15:66:08:11:9a:57:
         95:80:e6:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXJUqfwU4dh16pbhz0Z0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzk5NjY4NjNkODJmYThiZDFjYTM5MzY5MDVmYTFlMjRh
OWEwYmYwHhcNMjUxMTExMTAwMTAxWhcNMjUxMTEyMTAwMTAxWjAzMTEwLwYDVQQD
Eyg2ZDA2ZmJiNjdhYzU4YzEzMTEyNzk2ZjZkN2ExOWQ5YTI3MmI2N2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aAWtKIrzK71OlCtgqFH+NTVc1Gj
eYMCcer2zHzOEZR4D68TC9dDM8TJ78P+KibZfUNnVsMcnYzNNsLh+LR+y7KWoB59
KMoEtf3Xhg9Oq8p7VhWRH+/a/boAxmrR5vXcW+OUJxeZHVtJcK9CdSXWNibu9Za3
lssXqjeHnclgOCqeYGXrTzDa2X1I4ciBthVAyKdU88OqKYrFWD/IxIeDpQKYPySt
hLDncJt4VJtNBXxqfn1LwCYR2FYs4vbOL1K31JOG7icBVdm7MainENIYXdKPxyzw
I1o7nesKMlJ/BEp5wI8KQRcsTPYiCXam7NdwcnZkvnwdezk+wQlsjykqFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0G+7Z6xYwTESeW9tehnZonK2eoMB8GA1UdIwQY
MBaAFJ85lmhj2C+ovRyjk2kF+h4kqaC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjIt
MGIxZDA5NDk4NTM0LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjItMGIxZDA5NDk4NTM0
LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd0acXBpz
mwsFmhkx/QhuQHs+oTlOqlPGCpKM+1+QbVl1daYIvmPCnnVwdHr4URjmfas2AQxb
4BoeYOyaUHzHnek27+vLLXEd7/7yg1NtoAkHarhpyhKbAxTxGd93BAVrQwhuVGPi
agHlVYMi4cOC12qye7fqjr7ZJLq8iWLfq9+/X3gIZTEQlesuJE5Pxxdwh+8lhrUv
S09kgF1XOiUgkO/pFkWhIu1tkAKQ1a6ei5l92odqFVjtZkF7q+5CP5od2RirYRSR
jieEPeqjDJuja00yVaeyHfHimb6RE8WpLLhE6hbUmni//d9OP+tCgW5LvStVJ11C
FWYIEZpXlYDmbg==
-----END CERTIFICATE-----